<?php

class user
{
	//public $group = null;
	
	// Benutzer anlegen
	// login und password weglassen, wenn kein Kunde angemeldet ist
    function user($login = "", $password = "")
    {	
		$this->cfg = $cfg;
		
        if($login != "" && $password != "")
		{
			$this->login($login, $password);
		}
		else
		{
			$_SESSION[SESSION_USERGROUP] = DEFAULT_USERGROUP;
		}
    }
	
	// Wird beim Instanzieren der user Klasse aufgerufen
    private function login($login, $password)
    {			
    	if (isset($_SESSION[SESSION_USER]) && isset($_SESSION[SESSION_USER][SESSION_USER_LOGIN]) && isset($_SESSION[SESSION_USERGROUP]))
        {
		//	Benutzer ist bereits angemeldet
		//	return;
        }
		
			$db = new DBQuery();

                        $query = 'SELECT Person.Vorname AS forename, Person.Name AS name, Gruppen.Name AS groupname, Addresse.PLZ AS plz,

						Addresse.Strasse AS street, Addresse.StrasseNr AS streetnumber, Ort.Stadt as city, Ort.Bezirk AS district,

						Addresse.Tel AS phonenumber
						FROM benutzer
						JOIN Person ON benutzer.persID = Person.id
						JOIN Gruppen ON benutzer.gruppenID = Gruppen.id
						JOIN Addresse ON Addresse.id = Person.AdresseID
						JOIN Ort ON Addresse.PLZ = Ort.PLZ
						WHERE benutzer.loginname='."'".slashfix($login)."' and password='".md5($password)."'";
			$db->execute($query);
	        if (!$row = $db->getRow())
	        {
				return;
	        }
		
		
/*
		// Platzhalter		
		$row = array();
		$row['name'] 			= "Mustermann";
		$row['forename'] 		= "Thomas";
		
		$row['plz']				= "12345";
		$row['city']			= "Dortmund";
		$row['district']		= "";
		$row['street']			= "Bahnhofstrasse";
		$row['streetnumber']	= "45";
		$row['groupname']		= "makler";
		$row['phonenumber']	= "12345";

*/



        Session::create();		
		
		$_SESSION[SESSION_USER] = array();
		
		$_SESSION[SESSION_USER][SESSION_USER_NAME] = $row['name'];
		$_SESSION[SESSION_USER][SESSION_USER_FORENAME] = $row['forename'];
		$_SESSION[SESSION_USER][SESSION_USER_LOGIN] = $login;
		$_SESSION[SESSION_USER][SESSION_USER_PHONENUMBER] = $row['phonenumber'];;
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS] = array();
		
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS][SESSION_USER_ADDRESS_PLZ] = $row['plz'];
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS][SESSION_USER_ADDRESS_CITY] = $row['city'];
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS][SESSION_USER_ADDRESS_DISTRICT] = $row['district'];
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS][SESSION_USER_ADDRESS_STREET] = $row['street'];
		$_SESSION[SESSION_USER][SESSION_USER_ADDRESS][SESSION_USER_ADDRESS_STREETNUMBER] = $row['streetnumber'];
						
		$_SESSION[SESSION_USERGROUP] = $row['groupname'];
				
				
		
		return;
    }

    

	// Get Funktionen
	private function get($key, $subkey = null)
    {
		if(isset($subkey))
		{ 
			return $_SESSION[SESSION_USER][$key][$subkey];
		}
		else
		{
			return $_SESSION[SESSION_USER][$key];
		}
    }
	public function GetName() {
        return $this->get(SESSION_USER_NAME);
	}
		
	public function GetGroupname() {
        return $_SESSION[SESSION_USERGROUP];
    }
	
	public function GetForename() {
        return $this->get(SESSION_USER_FORENAME);
    }
	
	public function GetLogin() {
        return $this->get(SESSION_USER_LOGIN);
    }
	
	public function GetPLZ() {
        return $this->get(SESSION_USER_ADDRESS, SESSION_USER_ADDRESS_PLZ);
    }
	
	public function GetCity() {
        return $this->get(SESSION_USER_ADDRESS, SESSION_USER_ADDRESS_CITY);
    }
	
	public function GetDistrict() {
        return $this->get(SESSION_USER_ADDRESS, SESSION_USER_ADDRESS_DISTRICT);
    }
	
	public function GetStreet() {
        return $this->get(SESSION_USER_ADDRESS, SESSION_USER_ADDRESS_STREET);
    }
	
	public function GetStreetnumber() {
        return $this->get(SESSION_USER_ADDRESS, SESSION_USER_ADDRESS_STREETNUMBER);
    }
	
	public function GetPhonenumber() {
        return $this->get(SESSION_USER_PHONENUMBER);
    }	
	
	public function CanViewDetails() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_VIEW_DETAIL];
    }
	
    public function CanCreateCustomer() {
        return $this->cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_CREATE_CUSTOMER];
    }
	
    public function CanCreateCallcenteragents() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_CREATE_CALLCENTERAGENT];
    }
	
    public function CanCreateOffer() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_CREATE_OFFER];
    }
	
    public function CanSubscribeForObject() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_SUBSCRIBE_FOROBJECT];
    }
	
    public function CanViewMinPrice() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_VIEW_MINPRICE];
    }
	
    public function CanUpdatePrice() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_UPDATE_PRICE];
    }
	
    public function CanUpdateStatus() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_UPDATE_STATUS];
    }
	
    public function CanViewCustomer() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_VIEW_CUSTOMER];
    }
	
    public function CanSubscribeCustomerForObject() {
        global $cfg; return $cfg[CFG_GROUPRIGHTS][$_SESSION[SESSION_USERGROUP]][GROUP_RIGHT_SUBSCRIBE_CUSTOMERFOROBJECT];
    }

	
	// Statische Methode um einen benutzer in die Datenbank einzutragen
    public function register($login, $password, $name, $forename, $plz, $city, $district, $street, $streetnumber)
    {
        $db = new DBQuery();

        $values[] = $login;
        $values[] = md5($password);

  		$values = "'".$login."','".md5($password)."','". $name ."','". $forename ."','". $plz ."','". $city ."','". $district ."','". $street ."','". $streetnumber ."'";
        return $db->execute('insert into user (name, pw) VALUES ('.$values.')');
    }
}
?>